The present invention relates to an electronic voting system and method for implementing secure secret voting in elections, questionnaire surveys or the like which are conducted through a telecommunication system. The invention also pertains to a recording medium having recorded thereon a program for implementing the electronic voting method.
What is intended to mean by the word “voting” herein is a procedure in which voters each choose a predetermined number (one or more) of candidates from those offered to them and a counter counts the number of votes cast for each candidate. The candidates mentioned herein may be not only the names of candidates in elections but also items or headings of choice in statistic surveys. And the content of the vote is identification information representing the candidate chosen by the voter, such as a symbol, name, or heading.
Since the secrete voting scheme provides security for the correspondence between the voters and the contents of their votes and lends itself to protecting the privacy of individuals for their thought and belief, the scheme can be used, for instance, in teleconferencing and questionnaire surveys by CATV or similar two-way communication.
To implement secure secret voting by telecommunication, it is necessary to prevent the impersonation of voters, double voting and a leakage of the content of the vote by wiretapping its message or text. As a solution to these problems, there have been proposed electronic voting schemes using the digital signature technique, for example, in Atsushi Fujioka, Tatsuaki Okamoto and Kazuo Ohta, “A practical secret voting scheme for large scale elections,” Advances in Cryptology-AUSCRYPT' 92, Lecture Notes in Computer Science 718, Springer-Verlag, Berlin, pp.244-251 (1993) and Japanese Patent Application Laid-Open No. 19943/94 (laid open Nov. 28, 1994) entitled “Electronic Voting Method and Apparatus.”
In this conventional method, a voter Vi encrypts the content of his vote (hereinafter referred to as the vote content) vi by a key ki into a ciphertext xi, then randomizes it by a random number ri to create a preprocessed text ei for getting a blind signature, then attaches his signature si to the text ei, and sends the signed text to an election administrator A. The administrator A first verifies the validity of the voter Vi on the basis of the signature si, then attaches his blind signature di to the preprocessed text ei, and sends it back to the voter Vi. The voter Vi retrieves a signature yi of the election administrator A for the ciphertext xi from the blind signature di affixed to the preprocessed text ei, and sends the administrator's signature yi to a counter C together with the ciphertext xi. The counter C makes sure that the ciphertext xi bears the administrator's signature yi, and publishes the ciphertext xi in its entirety. The voter Vi sends the counter C the key ki used for the encryption of his vote content vi when his ciphertext xi is found registered, and if not registered, the voter Vi presents a protest against the counter C. The counter C uses his received key ki to decode or retrieve the vote content vi from the ciphertext xi, and counts the number of votes cast for each candidate.
With this method, however, it is necessary for the voter Vi to confirm the registration of his cipherteXt xi by checking a list of ballots that is published after completion of the voting of all voters and to send the key ki to the counter C. Hence, the conventional system lacks usability from a voter's point of view.
The followings are pertinent references, but do not solve the above stated problems: Japanese Patent Application Laid Open Nos. 6-223250 (Aug. 12, 1994), 6-176228 (Jun. 24, 1994), 7-28915 (Jan. 31, 1995), 10-74182 (Mar. 17, 1998), 10-283420 (Oct. 23, 1998) 1-177164 (Jul. 13, 1989), and 10-74046 (Mar. 17, 1998). D. Chaum, “Elections with Unconditionally-Secret Ballots and Disruption Equivalent to Breaking RSA”, in Advances in Cryptology, EUROCRYPT '88, Lecture Notes in Computer Science 330, Springer-Verlag, Berlin, pp. 177-182 (1988), L. F. Cranor et al., “Design and Implementation of a Practical Security-Conscious Electronic Polling System”, WUCS-96-02, Department of Computer Science, Washington University, St. Louis (January, 1996), M. A. Herschberg, “Secure Electronic Voting Over the World Wide Web”, Masters Thesis in Electrical Engineering and Computer Science, Massachusetts Institute of Technology (1997).